Apple Safari Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Apple Safari, which could be exploited by attackers to disclose sensitive information, bypass security restrictions, cause a denial of service or compromise an affected system. These issues are caused by buffer overflow, uninitialized memory access, memory corruption, signedness and design errors when processing malformed data.

1. A vulnerability is caused due to insecure zlib code.

2. A vulnerability is caused due to insecure libxslt code.

3. An unspecified error in CoreGraphics within the processing of handling of color spaces can be exploited to cause a heap-based buffer overflow via a specially crafted image.

Successful exploitation may allow execution of arbitrary code.

4. A vulnerability in the processing of TIFF images can potentially be exploited to execute arbitrary code.

5. A vulnerability in the processing of JPEG images can potentially be exploited to execute arbitrary code.

6. A vulnerability in the handling of images with an embedded ICC profile can be exploited to execute arbitrary code.

7. Data supplied to form fields may be exposed via the browser page cache, although the "Autocomplete" feature is disabled.

8. A signedness error in Safari when handling Javascript array indices can be exploited to execute arbitrary code.

9. A vulnerability in the handling of style sheet elements can be exploited to execute arbitrary code.

10. An error in the plugin interface in Webkit can be exploited to disclose sensitive information by launching local files.